Sign-up

ID

VAR-201507-0414


CVE

CVE-2015-3720


TITLE

Apple OS X Vulnerability in obtaining important memory layout information in the kernel

Trust: 0.8

sources: JVNDB: JVNDB-2015-003423

DESCRIPTION

The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app. Apple Mac OS X is prone to multiple security vulnerabilities. The update addresses new vulnerabilities that affect Admin Framework, afpserver, apache, AppleGraphicsControl, AppleFSCompression, AppleThunderboltEDMService, ATS, Bluetooth, Display Drivers, Intel Graphics Driver, IOAcceleratorFamily, IOFireWireFamily, Kernel, Install Framework Legacy, kext tools, ntfs, QuickTime, Security, Spotlight, and System Stats components. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. These issues affect OS X prior to 10.10.4. The vulnerability stems from the program not properly managing memory in the kernel-extension API. An attacker could exploit this vulnerability with a specially crafted application to obtain sensitive memory-layout information

Trust: 2.07

sources: NVD: CVE-2015-3720 // JVNDB: JVNDB-2015-003423 // BID: 75493 // VULHUB: VHN-81681 // VULMON: CVE-2015-3720

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.10.3

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.10 to 10.10.3

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.10.3

Trust: 0.6

vendor:applemodel:quicktimescope:eqversion:7.6

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7.3.4

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7.2

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7

Trust: 0.3

sources: BID: 75493 // JVNDB: JVNDB-2015-003423 // CNNVD: CNNVD-201507-081 // NVD: CVE-2015-3720

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3720
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-3720
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201507-081
value: MEDIUM

Trust: 0.6

VULHUB: VHN-81681
value: MEDIUM

Trust: 0.1

VULMON: CVE-2015-3720
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-3720
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-81681
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-81681 // VULMON: CVE-2015-3720 // JVNDB: JVNDB-2015-003423 // CNNVD: CNNVD-201507-081 // NVD: CVE-2015-3720

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-81681 // JVNDB: JVNDB-2015-003423 // NVD: CVE-2015-3720

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-081

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201507-081

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-003423

PATCH
title:APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005url:http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
Trust: 0.8
title:HT204942url:http://support.apple.com/en-us/HT204942
Trust: 0.8
title:HT204942url:http://support.apple.com/ja-jp/HT204942
Trust: 0.8
title:Apple: OS X Yosemite v10.10.4 and Security Update 2015-005url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=50398602701d671602946005c7864211
Trust: 0.1
sources:
            
            
            VULMON: CVE-2015-3720 // 
            
            
            
            JVNDB: JVNDB-2015-003423

EXTERNAL IDS
db:NVDid:CVE-2015-3720
Trust: 2.9
db:BIDid:75493
Trust: 1.5
db:JVNDBid:JVNDB-2015-003423
Trust: 0.8
db:CNNVDid:CNNVD-201507-081
Trust: 0.7
db:VULHUBid:VHN-81681
Trust: 0.1
db:VULMONid:CVE-2015-3720
Trust: 0.1
sources:
            
            
            VULHUB: VHN-81681 // 
            
            
            
            VULMON: CVE-2015-3720 // 
            
            
            
            BID: 75493 // 
            
            
            
            JVNDB: JVNDB-2015-003423 // 
            
            
            
            CNNVD: CNNVD-201507-081 // 
            
            
            
            NVD: CVE-2015-3720

REFERENCES
url:http://support.apple.com/kb/ht204942
Trust: 1.9
url:http://lists.apple.com/archives/security-announce/2015/jun/msg00002.html
Trust: 1.8
url:http://www.securityfocus.com/bid/75493
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3720
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3720
Trust: 0.8
url:http://www.apple.com/macosx/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.rapid7.com/db/vulnerabilities/apple-osx-adminframework-cve-2015-3718
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=39581
Trust: 0.1
sources:
            
            
            VULHUB: VHN-81681 // 
            
            
            
            VULMON: CVE-2015-3720 // 
            
            
            
            BID: 75493 // 
            
            
            
            JVNDB: JVNDB-2015-003423 // 
            
            
            
            CNNVD: CNNVD-201507-081 // 
            
            
            
            NVD: CVE-2015-3720

CREDITS
Emil Kvarnhammar at TrueSec, Patrick Wardle of Synack, Dean Jerkovich of NCC Group, Apple, Chen Liang of KEEN Team, an anonymous researcher working with HP's Zero Day Initiative, Pawel Wylecial working with HP's Zero Day Initiative, John Villamil (@day6rea
Trust: 0.3
sources:
            
            
            BID: 75493

SOURCES
db:VULHUBid:VHN-81681
db:VULMONid:CVE-2015-3720
db:BIDid:75493
db:JVNDBid:JVNDB-2015-003423
db:CNNVDid:CNNVD-201507-081
db:NVDid:CVE-2015-3720

LAST UPDATE DATE
2025-04-13T22:04:37.406000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-81681date:2016-11-28T00:00:00
db:VULMONid:CVE-2015-3720date:2016-11-28T00:00:00
db:BIDid:75493date:2015-07-15T00:57:00
db:JVNDBid:JVNDB-2015-003423date:2015-07-08T00:00:00
db:CNNVDid:CNNVD-201507-081date:2015-07-10T00:00:00
db:NVDid:CVE-2015-3720date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-81681date:2015-07-03T00:00:00
db:VULMONid:CVE-2015-3720date:2015-07-03T00:00:00
db:BIDid:75493date:2015-06-30T00:00:00
db:JVNDBid:JVNDB-2015-003423date:2015-07-08T00:00:00
db:CNNVDid:CNNVD-201507-081date:2015-07-03T00:00:00
db:NVDid:CVE-2015-3720date:2015-07-03T02:00:11.883